The General Data Protection Regulation (GDPR) is a regulation that the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

The principle of GDPR is to give control back to citizens and residents over their personal data and to simplify and clarify how and why information about you might be used. It becomes enforceable from 25 May 2018.

Under the GDPR Saint Catherine’s Hospice is a ‘Data Controller’ and we are working to be GDPR compliant. Part of our obligations under the GDPR is being open and transparent about the lawful basis under which we process personal data, what data we record and hold about our patients, the security we employ to keep it safe, what we do with it, who we might share it with and how long we keep it this, and ultimately dispose of it. We also set out your right of access to the data we hold about you.

The following pages and links set out in what we hope is an easily understood and easy to follow format, but that does not stop you contacting us if you have any questions. The contact details for our Data Protection Officer are under the contact us section.

Saint Catherine’s Hospice is a specialist palliative care provider, to be effective and  give you the best possible care across all of the services we provide, we need to keep important information about our patients and, where appropriate, their next of kin.

The privacy and confidentiality of our patients data is an organisation wide priority. We follow the required national approach to this, called Information Governance. This requires us to have effective data protection measures in place, along with the correct processes for handling of personal and sensitive information about patients, staff and our volunteers, as well as how we work with any individual, business or organisation that supports us or partners with us. Information is dealt with legally, securely, efficiently and effectively.